{"vulnerability": "CVE-2024-3515", "sightings": [{"uuid": "a7b2e38e-f68f-420d-8922-329df53f99e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35150", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113889477647139830", "content": "", "creation_timestamp": "2025-01-25T14:31:56.546229Z"}, {"uuid": "50941918-4e76-4a25-878f-6995b46efdbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35150", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lglk73fhpw2i", "content": "", "creation_timestamp": "2025-01-25T18:30:39.991730Z"}, {"uuid": "7f441d6f-35fc-4f39-addb-423471e60536", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35150", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3103", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: GHSA-939q-9pxw-m29r\n\ud83d\udd25 CVSS Score: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\n\ud83d\udd39 Description: IBM Maximo Application Suite 8.10.12, 8.11.0, 9.0.1, and 9.1.0 - Monitor Component does not neutralize output that is written to logs, which could allow an attacker to inject false log entries.\n\ud83d\udccf Published: 2025-01-25T15:30:31Z\n\ud83d\udccf Modified: 2025-01-25T15:30:31Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-35150\n2. https://www.ibm.com/support/pages/node/7180057", "creation_timestamp": "2025-01-25T17:06:21.000000Z"}, {"uuid": "604a6c24-c64f-42d8-9352-02a759f368e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35150", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3084", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-35150\n\ud83d\udd39 Description: IBM Maximo Application Suite 8.10.12, 8.11.0, 9.0.1, and 9.1.0 - Monitor Component does not neutralize output that is written to logs, which could allow an attacker to inject false log entries.\n\ud83d\udccf Published: 2025-01-25T14:31:10.563Z\n\ud83d\udccf Modified: 2025-01-25T14:31:10.563Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/7180057", "creation_timestamp": "2025-01-25T15:05:04.000000Z"}, {"uuid": "0e7be0eb-af7c-42c6-b98f-20c21720cd4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35151", "type": "seen", "source": "https://t.me/cvedetector/3909", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-35151 - IBM OpenPages with Watson API Authorization Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-35151 \nPublished : Aug. 22, 2024, 11:15 a.m. | 44\u00a0minutes ago \nDescription : IBM OpenPages with Watson 8.3 and 9.0 could allow authenticated users access to sensitive information through improper authorization controls on APIs. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-22T14:21:44.000000Z"}, {"uuid": "189ecd18-1782-4201-b045-4a61991412af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35150", "type": "seen", "source": "https://t.me/cvedetector/16401", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-35150 - IBM Maximo Application Suite Monitor Log Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-35150 \nPublished : Jan. 25, 2025, 3:15 p.m. | 2\u00a0hours, 11\u00a0minutes ago \nDescription : IBM Maximo Application Suite 8.10.12, 8.11.0, 9.0.1, and 9.1.0 - Monitor Component does not neutralize output that is written to logs, which could allow an attacker to inject false log entries. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-25T18:50:37.000000Z"}, {"uuid": "5ccd4b1b-0f2a-4a54-a18a-a6657157f5fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35154", "type": "seen", "source": "https://t.me/cvedetector/481", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-35154 - IBM WebSphere Application Server 8.5 and 9.0 could\", \n  \"Content\": \"CVE ID : CVE-2024-35154 \nPublished : July 9, 2024, 10:15 p.m. | 28\u00a0minutes ago \nDescription : IBM WebSphere Application Server 8.5 and 9.0 could allow a remote authenticated attacker, who has authorized access to the administrative console, to execute arbitrary code.  Using specially crafted input, the attacker could exploit this vulnerability to execute arbitrary code on the system.  IBM X-Force ID:  292641. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-10T00:52:12.000000Z"}, {"uuid": "8d0e388d-51cd-482c-9013-7f902e75d78d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35152", "type": "seen", "source": "https://t.me/cvedetector/3193", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-35152 - IBM Db2 DoS Memory Corruption Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-35152 \nPublished : Aug. 14, 2024, 6:15 p.m. | 28\u00a0minutes ago \nDescription : IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user to cause a denial of service with a specially crafted query due to improper memory allocation. IBM X-Force ID:  292639. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-14T20:44:29.000000Z"}, {"uuid": "48911edf-da21-4551-bd19-4ff3a275a9a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3515", "type": "seen", "source": "https://t.me/arpsyndicate/4838", "content": "#ExploitObserverAlert\n\nCVE-2024-3515\n\nDESCRIPTION: Exploit Observer has 18 entries in 5 file formats related to CVE-2024-3515. Use after free in Dawn in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\nFIRST-EPSS: 0.000450000\nARPS-PRIORITY: 0.7748272", "creation_timestamp": "2024-04-25T04:34:35.000000Z"}, {"uuid": "4f354d82-9b06-4849-9dcb-3ca687ee3cdf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3515", "type": "seen", "source": "https://t.me/arpsyndicate/4845", "content": "#ExploitObserverAlert\n\nCVE-2024-3515\n\nDESCRIPTION: Exploit Observer has 23 entries in 6 file formats related to CVE-2024-3515. Use after free in Dawn in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\nFIRST-EPSS: 0.000450000\nARPS-PRIORITY: 0.7857915", "creation_timestamp": "2024-04-25T14:19:44.000000Z"}]}